Most computer systems today rely on an User ID and password combination to control access and to protect the data that resides on the systems. The strength of the protection mainly relies on the length and complexity of the password. Passwords should be easy to remember, but they should also be hard for others to guess.

Here are some best practices when choosing, maintaining, and protecting your passwords:

  • Make sure your password is at least 15 characters in length for NDGOV accounts.
  • For longer passwords, it may be easier to create one using a “passphrase”. A passphrase is a sequence of words or other text.
  • DO NOT share passwords.
  • DO NOT store passwords on sticky notes store it under your keyboard, under your phone, or online where it can be accessed by others.  Use a password manager to safely store passwords, such as PasswordState.
  • Ensure your password contains at least three of the following:
    • At least one (1) lower-case letter,
    • At least one (1) upper-case letter,
    • At least one (1) special character,
    • At least one (1) number.
    • Note: some agencies may require all four items in constructing a passphrase.
  • NDGOV user accounts are required to be reset at least every 365 days. Administrative-level accounts require more frequent password resets. 
  • Use one of the following methods for creating a passphrase:

Method 1

Using two words separated by a number or punctuation, like "Pro%F0otball#93"

Method 2

Take a word and change the case on some of the letters. Then, either insert a letter or punctuation, or replace some letters with numbers or punctuation, such as:  Missouri River ND -> M1$$ouriR1v3rnd

Method 3

Use a series of words and take the first letter and insert numbers and characters in creating a passphrase. 

For example, consider the phrase: My grandfather took me fishing by Lake Michigan and bought me Chicago Pizza in 1993 -> mgmtfbLM@bmCp1993